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IN THE CLAIMS: 

The present status of the claims is as follows: 

1 . (Original) A method of processing a first data packet transmitted over a 
network from a source to a first recipient, said first data packet comprising a 
header layer and an application data layer, said method comprising: 

(a) capturing said first data packet from said network prior to its 
reception by said first recipient; 

(b) analyzing said header layer of said first data packet according to 
a first rule; 

(c) examining, selectively, a dynamically specified portion of said 
application data layer of said first data packet according to a second rule; 

(d) determining a first action to be taken on said first data packet 
according to a third rule; and 

(e) performing said first action on said first data packet. 

2. (Original) The method of Claim 1, wherein said first recipient transmits a 
second data packet over said network to said source in response to receipt of 
said first data packet, said first action comprising at least storing information 
about said first data packet, said method further comprising: 

(a) capturing said second data packet from said network prior to its 
reception by said source; 

(b) analyzing a header layer of said second data packet according to 
a fourth rule; 

(c) examining, selectively, a dynamically specified portion of said 
application data layer of said second data packet according to a fifth rule; 

(d) determining a second action to be taken on said second data 
packet according to a sixth rule; and 

(e) performing said second action on said second data packet; and 
wherein at least one of said fourth, fifth and sixth rules is based on said 

stored information. 
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3. (Original) The method of Claim 1, wherein said capturing further comprises 
intercepting said first data packet prior to receipt by a network router. 

4. (Original) The method of Claim 1, wherein said capturing is performed by a 
packet interceptor, said method further comprising: 

(f) allowing redefinition of said first, second and third rules by an 
entity external to said packet interceptor. 

5. (Original) The method of Claim 4, wherein said allowing further comprises 
allowing dynamic redefinition. 

6. (Original) The method of Claim 1, further comprising: 

(f) redefining, remotely, said first, second and third rules. 

7. (Original) The method of Claim 1, wherein said second and third rules are 
based at least in part on said analysis of said header. 

8. (Original) The method of Claim 1, wherein said analyzing further comprises 
determining a first result of said first rule, said examining further comprises 
determining a second result of said second rule, said determining further 
comprising determining said first action to be taken on said first data packet 
according to said first and second results. 

9. (Original) The method of Claim 1, wherein further comprising predefining 
said first, second and third rules. 

10. (Original) The method of Claim 1, wherein said analyzing further comprises 
no analysis of said header layer according to said first rule. 

11. (Original) The method of Claim 1, wherein said examining further comprises 
no examination of said application data layer according to said second rule. 
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12. (Original) The method of Claim 1, wherein said header layer further comprises 
a network address, said analyzing further comprises analyzing said network 
address according to said first rule. 

13. (Original) The method of Claim 12, wherein said first rule comprises 
determining whether said network address matches a pre-defined criteria. 

14. (Original) The method of Claim 1, wherein said header layer further comprises 
a network address and said network address comprises a transport control port 
address. 

15. (Original) The method of Claim 1, wherein said header layer further comprises 
a network address and said network address comprises an internet protocol 
address. 

16. (Original) The method of Claim 1, wherein said header layer further comprises 
a network address and said network address comprises a media access control 
address. 

17. (Original) The method of Claim 1, wherein said application data layer 
comprises application data generated by said source. 

18. (Original) The method of Claim 17, wherein said application data comprises a 
uniform resource locator and further wherein said second rule comprises 
determining whether said uniform resource locator matches a pre-defined 
criteria. 

19. (Original) The method of Claim 1, wherein said capturing further comprises 
capturing by a packet interceptor, said first action comprises: 

forwarding said first data packet to an entity external to said packet 
interceptor, said external entity being different from said first recipient. 
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20. (Original) The method of Claim 1 5 wherein said first action comprises: 

releasing said first data packet to said network. 

21. (Original) The method of Claim 1, wherein said capturing is performed by a 
packet interceptor, said first action comprises: 

copying said first data packet to a second data packet; and 
forwarding said second data packet to an entity external to said packet 
interceptor, said external entity being different from said first recipient. 

22. (Original) The method of Claim 2 1 , wherein said first action further 
comprises: 

receiving a command from said external entity dictating a second 
action be taken on said first data packet. 

23. (Original) The method of Claim 22, wherein said second action comprises 
deleting said first data packet. 

24. (Original) The method of Claim 22, wherein said second action comprises 
releasing said first data packet to said network. 

25. (Original) The method of Claim 21, wherein said first action further 
comprises: 

releasing said first data packet to said network. 

26. (Original) The method of Claim 1, wherein said first action comprises: 

modifying said first data packet; and 

releasing said modified first data packet to said network. 

27. (Original) The method of Claim 26, wherein said modifying further includes: 

modifying at least a portion of said header layer. 

28. (Original) The method of Claim 26, wherein said modifying further includes: 

modifying at least a portion of said application data layer. 
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29. (Original) The method of Claim 1 5 wherein said first action comprises: 

transmitting a response to said source based on said first data packet 
according to a fourth rule. 

30. (Original) The method of Claim 29, wherein said first action further comprises 
configuring said response to appear to originate from said first recipient. 

3 1 . (Original) The method of Claim 1 , wherein said capturing is performed by a 
packet interceptor, said packet interceptor comprising a plurality of rule sets 
and wherein a first rule set of said plurality of rule sets comprises said first, 
second and third rules and said first action, said method further comprising: 

(f) determining which of said plurality of rule sets to apply to said 
first data packet. 

32. (Original) The method of Claim 1, wherein said capturing is performed by a 
packet interceptor, said method further comprising: 

(f) facilitating performing (a), (b), (c), (d) and (e) non-invasively 
with respect to said network for a plurality of entities external to said packet 
interceptor. 

33. (Original) The method of Claim 1, said method further comprising performing 
(a), (b), (c), (d) and (e) by a router. 

34. (Original) The method of Claim 1, wherein said capturing is performed by a 
packet interceptor, said method further comprising: 

(f) receiving a second data packet from an entity external to said 
packet interceptor, said second data packet directed to said packet interceptor; 
and 

(g) introducing said second data packet into said network. 

35. (Original) The method of Claim 1, wherein said network is characterized by a 
wire speed, said method further comprising performing (a)-(e) at least at said 
wire speed. 
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36. (Original) The method of Claim 1, wherein said first data packet is 
characterized seven Open Systems Interconnection ("OSI") defined layers, 
said dynamically specified portion comprising any at least one of said seven 
layers. 

37. (Original) The method of Claim 1, wherein said network comprises an optical 
network. 

38. (Original) The method of Claim 1, wherein said network comprises an 
electrical network. 

39. (Original) The method of Claim 1, wherein (b) further comprises determining 
a first result of said first rule and (c) further comprises determining a second 
result of said rule, said method further comprising: 

(f) storing said first and second results; 

(g) capturing a second data packet from said network prior to its 
reception by said first recipient; 

(h) analyzing said header layer of said second data packet according 
to said first rule and at least one of said stored first and second results; 

(i) examining, selectively, a dynamically specified portion of said 
application data layer of said second data packet according to a second rule 
and at least one of said stored first and second results; 

(j) determining a second action to be taken on said second data 
packet according to said third rule; and 

(k) performing said second action on said second data packet. 

40. (Original) The method of Claim 1, further comprising performing (a)-(e) 
invisibly to at least one of said source and said first recipient. 

41. (Original) A method of processing a first data packet directed to a first 
recipient over a network, said first data packet comprising header data and 
application data, said method comprising: 



: :ODM A\PCDOCS\DMS_MAINY70649\9 



9 



Serial No.: 09/858,309 
Our Case No. 10736/6 

(a) intercepting said first data packet prior to receipt by said first 
recipient; 

(b) capturing said first data packet in a buffer; 

(c) analyzing, selectively, said header data according to a first rule; 

(d) analyzing, selectively, a dynamically specified portion of said 
application data according to a second rule; 

(e) copying, selectively, said first data packet and forwarding, 
selectively, said copied first data packet to a second recipient different from 
said first recipient according to a third rule; 

(f) releasing, selectively, said first data packet back to said network 
according to a fourth rule; 

(g) modifying, selectively, said first data packet and releasing, 
selectively, said modified first data packet back to said network according to a 
fifth rule; 

(h) deleting, selectively, said first data packet from said buffer 
according to a sixth rule; and 

(i) storing, selectively, information about said first data packet 
according to a seventh rule. 

42. (Original) The method of Claim 41, further comprising: 

(j) receiving a second data packet from said second recipient and 
introducing said second data packet into said network. 

43. (Original) The method of Claim 41, further comprising: 

(j) redefining said first, second, third, fourth, fifth, sixth and 
seventh rules by said second recipient. 

44. (Original) The method of Claim 41, further comprising: 

(j) performing (e) and (f) as a compound operation. 

45. (Original) The method of Claim 41, further comprising: 

(j) performing (e) and (g) as a compound operation. 
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46. (Original) The method of Claim 41, further comprising: 

(j) performing (e) and (h) as a compound operation. 

47. (Original) The method of Claim 41, further comprising: 

(j) performing (g) and (h) as a compound operation. 

48. (Original) The method of Claim 41, further comprising: 

(j) generating a second data packet directed to said source in 
response to said first data packet according to a eighth rule. 

49. (Original) The method of Claim 41, further comprising performing (e), (f), (g) 
and (h) in response to a command from said second recipient. 

50. (Original) An apparatus for processing a first packet transmitted over a 
network from a source to a first destination, said first packet comprising a 
header layer and an application data layer, said apparatus comprising: 

a network interface operative to receive said first packet from said 

source; 

a routing processor coupled with said network interface and operative 
to receive said first packet from said network interface and convey said first 
packet to said first destination; and 

a packet processor coupled with said network interface and said routing 
processor, said packet processor comprising: 

a packet analyzer operative to analyze said header layer 
according to a first rule and selectively analyze a dynamically specified 
portion of said application data layer according to a second rule; and 

a packet redirector coupled with said packet analyzer and said 
routing processor and operative to selectively perform an action on said first 
packet according to a third rule prior to said conveyance by said routing 
processor. 
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5 1 . (Original) The apparatus of Claim 50, wherein said packet processor further 
comprises a packet interceptor operative to buffer said first packet for analysis 
by said packet analyzer. 

52. (Original) The apparatus of Claim 50, wherein said packet processor is further 
coupled between said network interface and said routing processor. 

53. (Original) The apparatus of Claim 51, wherein said packet processor intercepts 
said first packet prior to receipt by said routing processor. 

54. (Original) The apparatus of Claim 50, wherein said packet processor further 
comprises an external device interface for communicating with a device 
external to said apparatus. 

55. (Original) The apparatus of Claim 54, wherein said first, second and third rules 
are capable of being redefined via said external device interface. 

56. (Original) The apparatus of Claim 54, wherein said action further comprises 
forwarding said first packet to said device. 

57. (Original) The apparatus of Claim 54, wherein said action further comprises 
creating a copy of said first packet, storing said first packet in a buffer and 
forwarding said copy to said device. 

58. (Original) The apparatus of Claim 57, wherein said action further comprises 
deleting said first packet in response to a command received from said device. 

59. (Original) The apparatus of Claim 57, wherein said action further comprises 
releasing said first packet to said routing processor in response to a command 
received from said device. 

60. (Original) The apparatus of Claim 54, wherein said action further comprises 
receiving a second packet from said external device and releasing said second 
packet to said routing processor. 
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61. (Original) The apparatus of Claim 50, wherein said action further comprises 
releasing said first packet to said routing processor. 

62. (Original) The apparatus of Claim 50, wherein said action further comprises 
storing information about said first packet for use in analyzing a second packet 
transmitted from said first destination to said source over said network. 

63. (Original) The apparatus of Claim 50, wherein said action further comprises 
modifying said first packet and releasing said modified packet to said routing 
processor. 

64. (Original) The apparatus of Claim 50, wherein said action further comprises 
transmitting a second packet to said source in response to said first packet. 

65. (Original) The apparatus of Claim 50, wherein said network is characterized 
by an operating speed, said apparatus operative to operate at least as fast as 
said operating speed. 

66. (Original) The apparatus of Claim 50, wherein said network comprises an 
optical network, said network interface being further operative to couple with 
said optical network. 

67. (Original) The apparatus of Claim 50, wherein said first, second and third rules 
are operative to factor in past analysis of prior received packets. 

68. (Original) The apparatus of Claim 50, wherein one of said source and said first 
destination is unaware of said apparatus. 

69. (Original) The apparatus of Claim 50, is logically invisible to said network. 

70. (Original) The apparatus of Claim 50, wherein said apparatus is selectively 
visible to at least one of said source and said first destination. 
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71. (Original) The apparatus of Claim 70, wherein said apparatus is selectively 
network addressable. 

72. (Original) An adapter for a router comprising: 

a router interface operative to couple said adapter with said router; 

a packet processor coupled with said router interface and operative to 
intercept a first packet prior to receipt by said router, said packet processor 
further comprising: 

a buffer operative to receive and store said first packet for 

processing; 

first logic coupled with said buffer, said first logic operative to 
apply a first function to a header layer of said first packet and produce a first 
result; 

second logic coupled with said buffer, said second logic 
operative to apply a second function to a dynamically specified portion of said 
application data layer of said first packet and produce a second result; and 

third logic coupled with said buffer and said first and second 
logic, said third logic operative to perform an operation on said first packet 
using a third function and said first and second results. 

73. (Original) The adapter of Claim 72, wherein said first, second and third logic 
are capable of being dynamically redefined. 

74. (Original) The adapter of Claim 72, wherein said second logic is further 
coupled with said first logic and further comprises an input for receiving said 
first result. 

75. (Original) The adapter of Claim 72, further comprising an external device 
interface operative to interconnect one or more devices to said packet 
processor, said devices being external to said router and said adapter. 
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76. (Original) The adapter of Claim 75, wherein said packet processor is further 
operative to non-invasively interconnect said one or more devices to said 
network. 

77. (Original) The adapter of Claim 75, wherein said packet processor is further 
operative to receive one or more commands from said one or more devices and 
wherein said first, second and third logic are further operative to respond to 
said one or more commands. 

78. (Original) The adapter of Claim 75, wherein said third function comprises 
forwarding said first packet from said buffer to a first of said one or more 
devices based on said first and second results. 

79. (Original) The adapter of Claim 75, wherein said third function comprises 
forwarding a copy of said first packet to a first of said one or more devices and 
retaining said first packet in said buffer based on said first and second results. 

80. (Original) The adapter of Claim 79, wherein said third function further 
comprises forwarding said first packet from said buffer to said router in 
response to a command received from said first of said one or more devices. 

81. (Original) The adapter of Claim 79, wherein said third function further 
comprises purging said first packet from said buffer in response to a command 
received from said first of said one or more devices. 

82. (Original) The adapter of Claim 75, wherein said packet processor is further 
operative to receive a second packet from a first of said one or more devices 
and forward said second packet to said router. 

83. (Original) The adapter of Claim 72, wherein said first function comprises a 
comparison function. 
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84. (Original) The adapter of Claim 72, wherein said second function comprises a 
comparison function. 

85. (Original) The adapter of Claim 72, wherein said third function comprises 
forwarding said first packet from said buffer to said router based on said first 
and second results. 

86. (Original) The adapter of Claim 72, wherein said third function comprises 
modifying said first packet in said buffer and forwarding said modified packet 
from said buffer to said router based on said first and second results. 

87. (Original) The adapter of Claim 72, wherein said first packet comprises a 
packet transmitted from a source to a destination over a network, said third 
function comprises storing information about said first packet for subsequent 
processing by said adapter of a second packet transmitted from said 
destination to said source over said network. 

88. (Original) The adapter of Claim 72, wherein said third function comprises 
generating a response packet to said first packet and forwarding said response 
packet to said router based on said first and second results. 

89. (Original) The adapter of Claim 72, further comprising fourth logic coupled 
with said first, second and third logic, and operative to store state information 
related to said first and second results and said operation, said first, second and 
third logic being further operative to use said state information to produce said 
first and second results and perform said operation. 

90. (Original) A system for facilitating a non-invasive interface to a network 
comprising: 

a router coupled with said network and operative to route a first packet 
from a first source to a first destination; and 

a packet processor coupled with said router and operative to receive 
said first packet from said first source and process said first packet prior to 
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routing by said router, said packet processor including: 

a rule set comprising first, second and third rules; 

first logic operative to analyze a header layer of said first packet 

according to said first rule; 

second logic operative to analyze a dynamically specified 

portion of said application data layer of said first packet according to said 

second rule; 

third logic operative to perform a function on said first packet 
according to said third rule; and 

an external interface operative to transparently couple a first 
external device to said packet processor. 

91. (Original) The system of Claim 90, wherein said function comprises 
forwarding a copy of said first packet to said first external device. 

92. (Original) The system of Claim 91, wherein said function further comprises 
forwarding said first packet to said router. 

93. (Original) The system of Claim 92, wherein said forwarding is in response to a 
command from said first external device. 

94. (Original) The system of Claim 91, wherein said function further comprises 
deleting said first packet. 

95. (Original) The system of Claim 94, wherein said deleting is in response to a 
command from said first external device. 

96. (Original) The system of Claim 90, wherein said function comprises 
forwarding said first packet to said router. 

97. (Original) The system of Claim 90, wherein said function further comprises 
storing information about said first packet. 
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98. (Original) The system of Claim 97, wherein said packet processor is further 
operative to receive a second packet from said first destination for routing to 
said first source and process said second packet prior to routing by said router, 
at least one of said first, second and third rules being based on said stored 
information. 

99. (Original) The system of Claim 90, wherein said function comprises deleting 
said first packet. 

100. (Original) The system of Claim 90, wherein said function comprises 
modifying said first packet and forwarding said modified first packet to said 
router. 

101. (Original) The system of Claim 100, wherein said function further comprises 
adapting a content of said application data layer. 

102. (Original) The system of Claim 90, wherein said packet processor further 
comprises an external packet receiver operative to receive a second packet 
generated by said first external device and forward said second packet to said 
router. 

103. (Original) The system of Claim 90, wherein said function comprises 
formulating a response packet to said first packet and forwarding said response 
packet to said router for routing to said first source. 

104. (Original) The system of Claim 90, wherein said rule set is operative to be 
modified by said first external device. 

105. (Original) The system of Claim 90, wherein said first packet is allowed to be 
received by said router in parallel with said reception by said packet processor 
and wherein said function further comprises preventing said routing of said 
first packet. 
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106. (Original) The system of Claim 90, wherein said packet processor is 
characterized by a first latency and said router is characterized by a second 
latency, said system latency being substantially equivalent to the sum of said 
first and second latencies and wherein said external device is characterized by 
a third latency, said system latency being unaffected by said third latency. 

107. (Original) The system of Claim 90, wherein said external interface is operative 
to couple one or more of said external devices with said packet processor in 
parallel with the others of said one or more of said external devices. 

108. (Previously presented) An edge server coupled between a point-of-presence 
("POP") and a network and operative to monitor a network traffic stream 
passing between said POP and said network, said edge server comprising: 

a traffic interceptor operative to selectively intercept said network 
traffic stream between said POP and said network prior to said network traffic 
stream reaching its intended destination; and 

a traffic modifier operative to modify said selectively intercepted traffic 
and reinsert said modified selectively intercepted traffic into said network. 

109. (Original) The edge server of Claim 108, wherein said network traffic stream 
comprises a plurality of packets, said traffic interceptor being further operative 
to selectively intercept at least one of said plurality of packets. 

1 10. (Original) The edge server of Claim 108, wherein said network is 
characterized by a transmission rate, said edge server capable of operating at 
least at said transmission rate. 

111. (Original) The edge server of Claim 108, wherein said network traffic stream 
comprises a bi-directional network traffic stream, said traffic interceptor 
further operative to selectively intercept said bi-directional network traffic 
stream. 
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